mirror of
https://github.com/subsurface/subsurface.git
synced 2024-11-30 22:20:21 +00:00
git: return strdup()ed empty string on error in pop_cstring
The pop_cstring() function is used by the git parser to duplicate a quoted string. On error, it returns an empty string literal. Since the caller expects a copied string and takes ownership of that string, it will ultimately be freed. Concrete example: a log with erroneous cylinder data was opened getting such an empty string literal as description. On closing or syncing with the cloud, the dive is freed, leading to a free of the string literal -> crash. Return a copy of the empty string instead. Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
This commit is contained in:
parent
0a463aad36
commit
71f573da2a
1 changed files with 2 additions and 2 deletions
|
@ -334,11 +334,11 @@ static char *pop_cstring(struct membuffer *str, const char *err)
|
||||||
|
|
||||||
if (!str) {
|
if (!str) {
|
||||||
report_error("git-load: string marker without any strings ('%s')", err);
|
report_error("git-load: string marker without any strings ('%s')", err);
|
||||||
return "";
|
return strdup("");
|
||||||
}
|
}
|
||||||
if (!str->len) {
|
if (!str->len) {
|
||||||
report_error("git-load: string marker after running out of strings ('%s')", err);
|
report_error("git-load: string marker after running out of strings ('%s')", err);
|
||||||
return "";
|
return strdup("");
|
||||||
}
|
}
|
||||||
len = strlen(mb_cstring(str)) + 1;
|
len = strlen(mb_cstring(str)) + 1;
|
||||||
return remove_from_front(str, len);
|
return remove_from_front(str, len);
|
||||||
|
|
Loading…
Reference in a new issue